[Feature Request] Auto-discovery objects via SNMP

[klaver]

If there is one place where all IP address information is already available, it's at the routers arp tables. Those can easily be queried via SNMP to fill the initial IPAM database. (also applies to VRF and Vlan information).

[plajjan]

Okay, so we can look at IP address and subnet mask configured on interfaces to get some information but what should we do with ARP tables? We know there is an address but then what? Use DNS to resolve hostname and store that in NIPAP?

It's difficult to put meaningful descriptions...

Same thing with VRFs, sometimes there are VRF names configured in the router that could pose as the base of a description but not always.

[plajjan]

And I think I would rather put this as a separate script rather than integrating it fully with the NIPAP web UI - would that be acceptable? It would significantly ease the implementation.

If it is integrated in the UI it would typically mean that we would create a job on the backend that would run at a later time and populate the database. It requires job queueing support and the backend would always be the machine that talks to the network.

NIPAP typically has the role of a repository and is not an actor, ie other components communicate with other nodes and populate data in NIPAP. Putting this in the web UI would mean we let NIPAP be an actor or have the interface interact with an external component that does the polling - neither of which are appealing to me.

For these reasons I prefer a simple CLI app that can be run separately to poll the network and populate data in NIPAP.

[dosomder]

It's an interesting idea. However I agree with plajjan, the web-ui is not the place for that. A simple app sounds like the best option, maybe even let the admin review the gathered data before populating it to the db.

[klaver]

I see this as a feature with dual use: as first-time run to populate a fresh NIPAP database based upon an existing infrastructure, and/or as differential tool to discover mismatches between documentation and actual use (for example illegal addresses/vlans in use, etc).

This feature could also be used to notify lazy network engineers about missing vlan and vfr descriptions at their actual network configuration files and enforce them to update it with proper meaningful info.

For IP addresses a two-way reverse-DNS check (PTR-> name, name->A) would be a nice start as description (and when DNS records don't match colour them red for example). But this DNS check could also be a standalone feature, adding an extra column to the webpage.

Another interesting part of accessing the ARP tables via SNMP would be the list of MAC-addresses associated to IP addresses, which could be matched with the IEEE OUI database to display manufacturer information.

[swizzley]

NIPAP would be the solution of choice if discovery was available...